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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1. (Currently Amended) A tamper-resistant identity module adapted for 
physical engagement with a client system , the module comprising: having 

means for receiving digital content over a network and a digital-content usage 
device, wherein said tamper-resistant identity module comprises a digital rights 
management (DRM) agent for enabling usage of said digital contont. c ontent: and 

means for performino at least part of an authentication and key agreement (AKA) 
procedure, and said DRM aoent includes means for performing DRM processing based 
on information from said AKA procedure. 

2. (Original) The tamper-resistant identity module according to claim 1, wherein 
said DRM agent is implemented as an application in an application environment of said 
tamper- resistant identity module. 

3. (Original) The tamper-resistant identity module according to claim 2, wherein 
said DRM agent application is loaded into said identity module application environment 
from an external tmsted party associated with said identity module. 

4. (Original) The tamper-resistant identity module according to claim 3, wherein 
said identity module comprises means for authenticating said DRM agent. 

5. (Canceled) 

6. (Original) The tamper-resistant identity module according to claim 5, wherein 
said DRM agent includes means for extracting a content-protection key to be used for 



Page 2 of 14 



Appl. No. 10/524,583 

Amdt. Dated December 5. 2008 

Reply to Office action of August S, 2008 

Attorney Docl<et No. P17238-US1 

EUS/J/P/08-1368 

decrypting encrypted digital content provided from a content provider, based on 
information from said AKA procedure. 

7. (Original) The tamper-resistant identity module according to claim 1 , wherein 
said DRM agent comprises means for enabling charging for digital content usage. 

8. (Original) The tamper-resistant identity module according to claim 1 , wherein 
said DRI\^ agent comprises means for managing information related to usage of said 
digital content, said usage information sen/ing as a basis for charging for digital-content 
usage. 

9. (Original) The tamper-resistant identity module according to claim 8, wherein 
said DRM agent further comprises: 

means for integrity protecting said usage information based on an identity- 
module specific key; and 

means for sending said integrity protected usage infonnation to an extemal party 
managing charging of digital-content usage. 

10. (Original) The tamper-resistant identity module according to claim 1. wherein 
said DRM agent implemented in said identity module further comprises means for 
enabling registration of at least one digital-content usage device. 

11. (Original) The tamper-resistant identity module according to claim 1, further 
comprising means for communication between said DRM agent and further DRM 
functionality implemented in said digital-content usage device based on usage-device 
specific key infonnation. 

12. (Original) The tamper-resistant identity module according to claim 11, 
wherein said communication means is operable for ensuring that only a usage device 
with valid DRM functionality is enabled to use said digital content. 
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13. (Original) The tamper-resistant Identity module according to claim 1, wlierein 
said DRM agent comprises means for receiving, from an external tmsted party, a DRIVI 
application adapted for use witii a digital-content usage device, and means for 
transferring said DRIVI application into a tamper-resistant application environment in 
said digital-content usage device based on usage-device specific key information. 

14. (Original) The tamper-resistant identity module according to claim 1, wherein 
said DRM agent implemented in said identity module includes means for checking that 
the forward-lock function of the Wireless Application Protocol (WAP) Is not violated. 

1 5. (Cun-ently Amended) A client system comprising: 
means for receiving digital content over a networi<; 

a digital-content usage device; and 

a tamper-resistant Identity module implemented with a digital rights management 
(DRM) agent for enabling usage of said digital content by said digital- content usage 
devicer device: 

wherein said identity module further comprises means for performing at least part 
of an authentication and key agreement (AKA) procedure, and said DRM agent includes 
means for performing DRM processing based on information from said AKA procedure. 

16. (Original) The client system according to claim 15, wherein said DRM agent 
is implemented as an application in an application environment of said tamper-resistant 
identity module. 

17. (Original) The client system according to claim 16, wherein said DRM agent 
application Is loaded into said Identity module application environment from an external 
trusted party associated with said identity module. 
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18. (Original) The client system according to claim 17, wherein said identity 
module comprises means for authenticating said DRM agent. 

19. (Canceled) 

20. (Original) The client system according to claim 19, wherein said DRIVI agent 
includes means for extracting a content-protection key to be used for decrypting 
encrypted digital content provided from a content provider, based on information from 
said AKA procedure. 

21. (Original) The client system according to claim 19. wherein said DRM agent 
comprises means for enabling charging for digital content usage. 

22. (Original) The client system according to claim 15, comprising means for 
communication between said DRM agent and a further DRM agent Implemented in said 
digital-content usage device based on usage-device specific key information. 

23. (Original) The client system according to claim 22. wherein said 
communication means is operable for ensuring that only a usage device with valid DRM 
functionality is enabled to use said digital content. 

24. (Original) The client system according to claim 23. wherein said client system 
further comprises means for transmitting, to a tmsted certification party, identification 
information associated with said digital-content usage device, and In response thereto 
receiving a protected representation of said usage-device specific key, and said DRM 
agent comprises means for extracting said usage-device specific key representation for 
storage in said tamper-resistant identity module. 

25. (Original) The client system according to claim 15, wherein said digital- 
content usage device Includes a tamper-resistant application environment, and a DRM 



Page 5 of 14 



Appl. No. 10/524.583 

Amdt. Dated December 5. 2008 

Reply to Office action of August 5, 2008 

Attorney Docltet No. P17238-US1 

EUS/J/P/08-1368 

application adapted for use as a DRM agent in said usage device is loaded into said 
application environment at least partly based on usage-device specific key information. 

26. (Original) The client system according to claim 25, wherein said digital- 
content usage device comprises: 

means for generating new device key information associated with a downloaded 
DRIVl application at least partly based on said usage-device specific key information: 
and 

means for replacing usage-device specific key infonnation stored in said usage 
device with said new device key infonnation. 

27. (Original) The client system according to claim 26, wherein said DRM agent 
implemented in said identity module comprises means for replacing usage-device 
specific key Information stored in said identity module with key information 
corresponding to said new device key infomiation. 

28. (Currently Amended) A digital rights managem e nt (DRM) modu l o client 
system comprising: 

a tamper resistant identitv module: 
a digital-content usage device: 

a first DRM agent implemented In [[a]] the tamper-resistant identity module for 
engagement with a client device, said first DRM agent comprising means for performing 
first DRM processing associated with digital content; 

a second DRM agent implemented in [[a]] the digital-content usage device 
adapted for using said digital content, said second DRM agent comprising means for 
performing second DRM processing associated with said digital content; and 

means for communication between said first DRM agent and said second DRM 
agent based on usage-device specific key information, information: 

wherein said tamper-resistant identitv module comprises means for performing at 
least part of an authenti cation and kev agreement (AKA) procedure, and said means for 
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performing first DRM pro cessing in said first DRM aaent operates based on information 
from said AKA procedure. 

29. (Original) Tine DRM modulo client system according to claim 28. wherein said 
communication means is operable for ensuring that only a usage device with valid DRM 
functionality is enabled to use said digital content. 

30. (Canceled) 

31 . (Currently Amended) The DRM modu l o client system according to claim 30, 
wherein said means for performing first DRM processing in said first DRM agent 
includes means for extracting a content- protection key to be used for decrypting 
protected digital content from a content provider, based on information from said AKA 
procedure. 

32. (Currently Amended) The DRM modulo client system according to claim 31 , 
wherein said communication means is operable for ensuring that said content-protection 
key is accessible only by a second DRM agent that properly enforces usage rules 
associated with said digital content. 

33. (Currently Amended) The DRM modulo client system according to claim 32, 
wherein said means for perfonning second DRM processing In said second DRM agent 
comprises means for decrypting encrypted digital content by means of said content- 
protection key. 

34. (Cun-ently Amended) The DRM modu l o client system according to claim 30, 
wherein said means for performing first DRM processing in said first DRM agent 
comprises means for enabling charging for said digital content. 
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35. (Currently Amended) The DRM modul e client system according to claim 28. 
wherein said first DRM agent comprises: 

-means for authenticating said usage device based on said usage-device specific 
key information to verify that said usage device has valid DRM functionality; and 

-means for sending DRM data enabling usage of said digital content to said 
second DRM agent in response to successful authentication of a usage device with 
valid DRM functionality. 

36. (Cun-ently Amended) The DRM modul e client system according to claim 28, 
wherein said first DRM agent comprises: 

-means for encrypting DRM data enabling usage of said digital content, based on 
said usage-device specific key information: and 

means, forming part of said communication means, for sending said encrypted 
DRM data to said second DRM agent; and 

said second DRM agent comprises means for decrypting said encrypted DRM 
data to enable usage of said digital content, based on said usage-device specific key 
information. 

37. (Currently Amended) The DRM modulo client system according to claim 28, 
wherein said tamper-resistant identity module and said usage device are tamper- 
resistantly configured with usage-device specific key information. 

38. (Currently Amended) The DRM modu le client system according to claim 28, 
wherein said second DRM agent comprises means for compiling information related to 
usage of said digital content, and means for transferring said usage information to said 
first DRM agent based on said usage-device specific key information; and said first 
DRM agent comprises means for sending said usage infomiation to an extemal party 
managing charging of digital-content usage, said usage infomiation serving as a basis 
for charging for digital-content usage. 
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39. (Currently Amended) The DRM modu l o client system according to claim 28, 
wherein said second DRM agent comprises means for sending a first control signal 
related to the digital-content usage process to said first DRM agent, and said first DRM 
agent comprises means for processing signal data associated with said first control 
signal to generate a second control signal, and means for sending said second control 
signal to said second DRM agent for controlling said digital-content usage process. 

40. (Currently Amended) The DRM modulo client system according to claim 28, 
wherein said first DRM agent is implemented as an application In an application 
environment of said tamper-resistant identity module. 

41 . (Currently Amended) The DRM modu l o client system according to claim 40, 
wherein said first DRM agent application is loaded into said identity module application 
environment from an external trusted party associated with said identity module. 

42. (Currently Amended) The DRM modu l o client system according to claim 40, 
wherein said identity module comprises means for authenticating said DRM agent. 

43. (Currently Amended) The DRM modu l o client system according to claim 28, 
wherein said second DRM agent Is implemented as an application in a tamper-resistant 
application environment in said usage device. 

44. (Currently Amended) The DRM modu lo client system according to claim 43, 
wherein said second DRM agent application is loaded Into said usage-device 
application environment at least partly based on said usage-device specific key 
information. 

45. (Currently Amended) The DRM modulo client system according to claim 44, 
wherein said digital-content usage device comprises: 
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-means for generating new device key information associated with said 
downloaded DRM application at least partly based on said usage-device specific key 
information; and 

-means for replacing usage-device specific key information stored in said usage 
device with said new device key information. 

46. (Currently Amended) The DRM modulo client system according to claim 45, 
wherein said DRM agent implemented in said identity module comprises means for 
replacing usage-device specific key infomnation stored in said identity module with key 
information corresponding to said new device key information. 

47. (Original) A method for digital rights management (DRM) comprising the 
steps of : 

-tamper-resistantly configuring a usage device, adapted for using digital content, 
with a usage-device specific key; 

providing a cryptographic representation of said usage-device specific key to a 
client device associated with said usage device; processing, at a trusted certification 
party, said cryptographic representation received in a request from said client device to 
retrieve key information representative of said usage-device specific key; 

securely transferring said key information from said trusted certification party to a 
tamper-resistant identity module in said client device, based on an identity- module 
specific key ; and 

establishing communication between a first DRM agent in said tamper- resistant 
identity module and a second DRM agent in said usage device based on the key 
information transferred to the identity module and the usage-device specific key in said 
usage device. 
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